<?php
/*** 
 *
 *
 *
 **/
require_once '../db/db.php';
require_once '../util/perm.php';
require_once '../util/msg.php';
require_once '../util/user.php';


function newPost( $stream, $title, $datum, $smurfKey, &$postNum = true ) { 
  if( !hasPerm('post.make') ) 
    return MSG_UNAUTHORIZED;

  $GLOBALS['__QNUM']++;
  try {
    $db = openDbConn();

    if( !$_SESSION['uid'] ) 
      loginDrone('guest');
    $uid = $_SESSION['uid'];
    $title = $db->quote($title);
    $stream = $db->quote($stream);
    $datum = $db->quote($datum);
    $time = $db->quote(time());
    $uid = $db->quote($uid);
    $smurfKey = $db->quote($smurfKey);

    $db->beginTransaction();
    $db->exec("INSERT INTO post (uid, stream, rank, indent, title, datum, date, smurfKey) 
                                    VALUES( $uid,
                                            $stream,
                                            1+ COALESCE( (SELECT MAX(post.rank) FROM post
                                                             WHERE stream = $stream ),
                                                      0), 
                                            0,
                                            $title, 
                                            $datum,
                                            $time,
                                            $smurfKey );");
    $db->exec("UPDATE thread  
               SET bumpuid = ${uid}, bumpdate = ${time} 
               WHERE thread.stream = ${stream}");    
    if( $postNum != true ) {
      // Another more transporatble query is "WHERE time=${time} AND datum=${datum} AND uid=${uid}"
      // Not sure if this will always return the correct value, but it should be pretty damn close.
      $post = $db->query('SELECT tid, rank FROM post WHERE post.id = '. $db->lastInsertId() .';' )->fetch(PDO::FETCH_ASSOC);
      $threadNum = $post['tid'];
      $postNum = $post['rank'];
      $post = NULL;
    }
    $db->commit();
  } catch ( PDOException $e ) {
    $db->rollback();
    print "ERROR: " . $e->getMessage() . "<br />";
    die();
  }
}
function deletePost( $pid ) {   
  if( !hasPerm('post.delete') ) 
    return MSG_UNAUTHORIZED;

  $GLOBALS['__QNUM']++;
  try {
    // XXX deleteing all posts will leave hanging thread
   require 'db/get/post.php';  
   if( postCount($threadNum) < 2 ) {
      // XXX Modify to link post MIN(post.rank) to thread
      die("Please Delete Thread Instead");
    }
    $db = openDbConn();
    $db->beginTransaction();
    $db->exec("DELETE FROM post WHERE post.tid = $threadNum AND post.rank = $postNum;");
    $db->commit();
  } catch ( PDOException $e ) {
    $db->rollback();
    print "ERROR: " . $e->getMessage() . "<br />";
    die();
  }
};

function setPost( $pid, $title, $datum, $skey ) {
  $mine = '';
  if( !hasPerm('post.edit') ) {
    if( !hasPerm('post.edit.mine') ) { 
      return MSG_UNAUTHORIZED;
    } else {
      $mine = " AND uid = ${_SESSION['uid']} "; 
    }
  }

  $GLOBALS['__QNUM']++;
  try {
    $db = openDbConn();

    $title = $db->quote( $title );
    $datum = $db->quote( $datum );
    $smurfKey = $db->quote($smurfKey);

    $postNum = $db->quote( $postNum );
    $threadNum = $db->quote( $threadNum );
    $uid = $db->quote($_SESSION['uid']);
    $time = $db->quote(time());

    $db->beginTransaction();
    $ret = $db->exec("UPDATE post 
                        SET title = $title, 
                            datum = $datum,
                            date = $time,
                            smurfKey = $smurfKey 
                            WHERE id = $pid ${mine};");
    $db->commit();

    return $ret;
  } catch ( PDOException $e ) {
    $db->rollback();
    print "ERROR: " . $e->getMessage() . "<br />";
    die();
  }
};



?>
